package libICP
import (
"math/big"
"github.com/OpenICP-BR/asn1"
)
// certificate_choice holds one certificate entry in one of several formats:
// a plain Certificate (untagged) or one of four alternatives carried under
// context tags 0 through 3.
//
// NOTE(review): the layout appears to mirror CMS CertificateChoices
// (RFC 5652) — confirm. The alternatives are declared as optional struct
// fields rather than a real CHOICE, so nothing in this declaration prevents
// zero or several of them from being populated. Code consuming a decoded
// value should check which alternative is actually present before trusting it.
type certificate_choice struct {
	// RawContent is the first field; presumably the asn1 package keeps the
	// undecoded DER of the whole element here — confirm against the fork.
	RawContent asn1.RawContent
	Certificate Certificate `asn1:"optional,omitempty"`
	ExtendedCertificate extended_certificate `asn1:"tag:0,optional,omitempty"`
	V1AttrCert attribute_certificate_v1 `asn1:"tag:1,optional,omitempty"`
	V2AttrCert attribute_certificate_v2 `asn1:"tag:2,optional,omitempty"`
	Other other_certificate_format `asn1:"tag:3,optional,omitempty"`
}
// extended_certificate pairs an extended_certificate_info body with a
// signature algorithm and a signature bit string.
//
// NOTE(review): unlike certificate_pack, neither this struct nor
// extended_certificate_info has a RawContent field, so the declaration does
// not retain the exact encoding the signature was computed over — confirm
// whether this signature is ever verified and, if so, over which bytes.
type extended_certificate struct {
	ExtendedCertificateInfo extended_certificate_info
	SignatureAlgorithm algorithm_identifier
	Signature asn1.BitString
}
// extended_certificate_info is the body of an extended_certificate: a version
// number, the wrapped Certificate and an attribute value encoded as a SET.
type extended_certificate_info struct {
	Version int
	Certificate Certificate
	// UnauthAttributes is a single `attribute` value tagged as an ASN.1 SET.
	// NOTE(review): the name suggests these attributes are not covered by a
	// signature — confirm before relying on their content.
	UnauthAttributes attribute `asn1:"set"`
}
// other_certificate_format carries a certificate in a format identified only
// by an object identifier.
type other_certificate_format struct {
	// RawContent is the first field; presumably the undecoded DER of the
	// element — confirm against the asn1 fork.
	RawContent asn1.RawContent
	// OtherCertFormat is the OID naming the format of OtherCert.
	OtherCertFormat asn1.ObjectIdentifier
	// OtherCert is untyped: its shape depends on OtherCertFormat and is not
	// constrained by this declaration. Treat it as untrusted input and
	// validate it against the OID before use.
	OtherCert interface{}
}
// revocation_info_choice holds one piece of revocation information: either a
// certificate_list (untagged) or another format carried under context tag 1.
//
// NOTE(review): appears to mirror CMS RevocationInfoChoice (RFC 5652) —
// confirm. Both alternatives are optional struct fields, so this declaration
// does not itself guarantee that exactly one of them is populated.
type revocation_info_choice struct {
	// RawContent is the first field; presumably the undecoded DER of the
	// element — confirm against the asn1 fork.
	RawContent asn1.RawContent
	CRL certificate_list `asn1:"optional,omitempty"`
	Other other_revocation_info_format `asn1:"tag:1,optional,omitempty"`
}
// other_revocation_info_format carries revocation information in a format
// identified only by an object identifier.
type other_revocation_info_format struct {
	// RawContent is the first field; presumably the undecoded DER of the
	// element — confirm against the asn1 fork.
	RawContent asn1.RawContent
	// OtherRevInfoFormat is the OID naming the format of OtherRevInfo.
	OtherRevInfoFormat asn1.ObjectIdentifier
	// OtherRevInfo is untyped and optional: its shape depends on
	// OtherRevInfoFormat and is not constrained by this declaration, so it
	// must be validated before it influences any revocation decision.
	OtherRevInfo interface{} `asn1:"optional,omitempty"`
}
// certificate_pack is the outer certificate structure: the to-be-signed body,
// the signature algorithm and the signature bits.
//
// NOTE(review): appears to correspond to the X.509 Certificate SEQUENCE
// (RFC 5280) — confirm.
type certificate_pack struct {
	// RawContent holds the encoding of the whole pack; MarshalPack writes it.
	RawContent asn1.RawContent
	// TBSCertificate is the signed portion. Its own RawContent is what
	// GetBytesToSign and GetRawContent return.
	TBSCertificate tbs_certificate
	// SignatureAlgorithm is the outer algorithm identifier.
	// NOTE(review): X.509 expects it to match TBSCertificate.Signature;
	// nothing visible here compares the two — verify that callers do.
	SignatureAlgorithm algorithm_identifier
	Signature asn1.BitString
}
// tbs_certificate is the to-be-signed body of a certificate_pack.
//
// Field order and the asn1 struct tags define the encoding, so neither may be
// changed without changing the bytes that get signed.
type tbs_certificate struct {
	// RawContent holds the encoded form of this struct; MarshalCert writes it
	// and GetBytesToSign reads it.
	RawContent asn1.RawContent
	// Version is explicit, optional and defaults to 0; SetAppropriateVersion
	// derives it from which optional fields are populated.
	Version int `asn1:"optional,explicit,default:0,tag:0"`
	SerialNumber *big.Int
	// Signature is the algorithm identifier inside the signed body.
	// NOTE(review): X.509 expects it to match the outer
	// certificate_pack.SignatureAlgorithm — verify that callers compare them.
	Signature algorithm_identifier
	Issuer nameT
	Validity generalized_validity
	Subject nameT
	SubjectPublicKeyInfo pair_alg_pub_key
	IssuerUniqueID asn1.BitString `asn1:"tag:1,optional,omitempty"`
	SubjectUniqueID asn1.BitString `asn1:"tag:2,optional,omitempty"`
	Extensions []extension `asn1:"tag:3,optional,omitempty,explicit"`
}
// SetAppropriateVersion sets cert.Version to the lowest value that permits the
// optional fields currently populated:
//
//	2 when Extensions is non-empty,
//	1 when either unique identifier has a non-zero BitLength,
//	0 otherwise.
//
// In X.509 these encoded values denote v3, v2 and v1 respectively. Any
// previously stored Version is overwritten.
func (cert *tbs_certificate) SetAppropriateVersion() {
	hasUniqueID := cert.IssuerUniqueID.BitLength != 0 || cert.SubjectUniqueID.BitLength != 0

	switch {
	case len(cert.Extensions) > 0:
		// Extensions take precedence over unique identifiers.
		cert.Version = 2
	case hasUniqueID:
		cert.Version = 1
	default:
		cert.Version = 0
	}
}
// GetRawContent returns the stored encoding of the TBSCertificate, not of the
// whole pack. The returned slice shares its backing array with the value held
// in the struct, and is empty if TBSCertificate.RawContent was never set.
func (cert certificate_pack) GetRawContent() []byte {
	tbsRaw := cert.TBSCertificate.RawContent
	return tbsRaw
}
// GetSignatureAlgorithm returns the outer signature algorithm identifier of
// the pack (not the one stored inside TBSCertificate).
func (cert certificate_pack) GetSignatureAlgorithm() algorithm_identifier {
	alg := cert.SignatureAlgorithm
	return alg
}
// GetSignature returns the signature bytes stored in the pack. The slice is
// not copied, so it aliases the bytes held by the Signature bit string.
func (cert certificate_pack) GetSignature() []byte {
	sig := cert.Signature
	return sig.Bytes
}
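// SetSignature stores dat as the certificate's signature value.
//
// BitLength is updated together with Bytes so that the bit string stays
// internally consistent. Previously it kept whatever value it had before
// (zero on a fresh struct), which is misleading for any code that reads
// BitLength, as SetAppropriateVersion does for the unique identifiers.
//
// dat is stored without copying, so the caller must not modify it afterwards.
// The pack-level RawContent is not touched here; MarshalPack is what writes it.
func (cert *certificate_pack) SetSignature(dat []byte) {
	cert.Signature.Bytes = dat
	// A signature occupies whole octets, so every bit of dat is significant.
	cert.Signature.BitLength = 8 * len(dat)
}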
// MarshalCert encodes the TBSCertificate and stores the result in
// TBSCertificate.RawContent, which is what GetBytesToSign later returns.
// The version is recomputed with SetAppropriateVersion before encoding.
//
// It returns a CodedError carrying ERR_FAILED_TO_ENCODE if encoding fails, in
// which case RawContent is left unchanged, and nil on success.
//
// NOTE(review): if this asn1 fork follows encoding/asn1, a non-empty
// RawContent first field is emitted verbatim instead of re-encoding the
// struct. Edits made to an already parsed or already marshalled
// TBSCertificate (including the Version set here) would then not reach the
// bytes that get signed — confirm, and clear RawContent first if so.
func (cert *certificate_pack) MarshalCert() CodedError {
	tbs := &cert.TBSCertificate
	tbs.SetAppropriateVersion()

	encoded, err := asn1.Marshal(*tbs)
	if err != nil {
		return NewMultiError("failed to marshal TBSCertificate", ERR_FAILED_TO_ENCODE, nil, err)
	}

	tbs.RawContent = asn1.RawContent(encoded)
	return nil
}
// MarshalPack encodes the whole certificate pack and stores the result in
// cert.RawContent.
//
// It returns a CodedError carrying ERR_FAILED_TO_ENCODE if encoding fails, in
// which case RawContent is left unchanged, and nil on success.
//
// NOTE(review): the pointer itself is passed to asn1.Marshal, whereas
// MarshalCert passes a struct value; encoding/asn1 rejects pointers to
// structs, so confirm that this fork accepts them.
//
// NOTE(review): if the fork emits a non-empty RawContent verbatim, as
// encoding/asn1 does, a second call after SetSignature would return the
// earlier encoding rather than one containing the new signature — confirm.
func (cert *certificate_pack) MarshalPack() CodedError {
	packed, marshalErr := asn1.Marshal(cert)
	if marshalErr != nil {
		return NewMultiError("failed to marshal certificate pack", ERR_FAILED_TO_ENCODE, nil, marshalErr)
	}

	cert.RawContent = asn1.RawContent(packed)
	return nil
}
// GetBytesToSign returns the bytes a signature is computed over: the stored
// encoding of the TBSCertificate.
//
// The value is whatever TBSCertificate.RawContent currently holds and nothing
// is encoded here. MarshalCert must have run after the last change to the
// certificate fields, otherwise the result is empty or out of date.
func (cert certificate_pack) GetBytesToSign() []byte {
	tbsDER := cert.TBSCertificate.RawContent
	return []byte(tbsDER)
}
// issuer_and_serial identifies a certificate by its issuer names and serial
// number, with an optional issuer unique identifier.
//
// NOTE(review): the field layout appears to match the IssuerSerial structure
// used by attribute certificates (RFC 5755) — confirm.
type issuer_and_serial struct {
	// RawContent is the first field; presumably the undecoded DER of the
	// element — confirm against the asn1 fork.
	RawContent asn1.RawContent
	Issuer []general_name
	// Serial is a pointer and may be nil on a value that was not decoded or
	// filled in; check it before dereferencing or comparing.
	Serial *big.Int
	IssuerUID asn1.BitString `asn1:"optional"`
}